this post was submitted on 26 Oct 2023
69 points (94.8% liked)

Technology

35148 readers
225 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
top 6 comments
sorted by: hot top controversial new old
[–] [email protected] 21 points 1 year ago (1 children)

Sounds like 1P handled it about as well as they could, and the attacker didn’t get very far.

[–] [email protected] 16 points 1 year ago (1 children)

Yeah, all things considered this is a good case of proper segmentation, working security controls, and good incident response & crisis communication. Compare this to LastPass to illustrate the difference in how it was handled.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (1 children)

Heh, I joined a company that used 1Password. Loved it. I set up a personal account to replace my use of browser built in password management.

The company got acquired and the acquirer replaced it with their corporate solution, LastPass. Then the LP breach happened and they switched to Keeper. Still prefer 1Password.

[–] tagliatelle 1 points 1 year ago (1 children)

My company switched to LP after the breach. it chief must have gotten a good deal!

[–] [email protected] 2 points 1 year ago

LP is probably very audit-friendly ... (in regards to its stored data).

[–] [email protected] 3 points 1 year ago

No user data was accessed and even if it had, through the use of the very high-entropy recovery code, it wouldn’t have mattered. 1Password continues to be The Good People™️